Forms authentication web forms Error message 401.2 Access is denied

3
votes

so i'm trying to put a forms authentication the problem is i'm getting 401.2 Error when i try to go to my login.aspx page, i'm working with iisexpress

 <authorization>
  <deny users="?"/>
</authorization>

<authentication mode="Forms">
<!--<forms loginUrl="Login.aspx" name=".ASPXFORMSAUTH" path="/"></forms>-->
  <!--<forms loginUrl="Login.aspx" timeout="2880" defaultUrl="/" />-->
</authentication>

I tried to add this but it didn't solve my problem 

   <location path="Login.aspx">
    <system.web>
      <authorization>
        <allow users="?" />
      </authorization>
    </system.web>
  </location>
     <location path="Content">
        <system.web>
          <authorization>
            <allow users="?" />
          </authorization>
        </system.web>
     </location>

  <location path="fonts">
    <system.web>
      <authorization>
        <allow users="?" />
      </authorization>
    </system.web>

  </location>
  <location path="Scripts">
    <system.web>
      <authorization>
        <allow users="?" />
      </authorization>
    </system.web>
  </location>

I searched and tried several solution but no chance have you any idea?

2
asp.netwebformsforms-authenticationunauthorized

2 Answers

0
votes

Simple Forms Authentication from MSDN

<system.web>
  <authentication mode="Forms">
    <forms loginUrl="Login.aspx" name=".ASPXFORMSAUTH">
    </forms>
  </authentication>
  <authorization>
    <deny users="?" />
  </authorization>
</system.web>

very clear and good article I have in bookmarks http://weblogs.asp.net/gurusarkar/setting-authorization-rules-for-a-particular-page-or-folder-in-web-config

0
votes

Finally i made a workarround like this I deleted this part : 

<authorization>
  <deny users="?"/>
</authorization>

then I modified the locations tags like this :

<location path="Login.aspx">
    <system.web>
      <authorization>
        <allow users="?"/>
      </authorization>
    </system.web>
  </location>
  <location path="Default.aspx">
    <system.web>
      <authorization>
        <deny users="?"/>
      </authorization>
    </system.web>
  </location>
  <location path="Users.aspx">
    <system.web>
      <authorization>
        <deny users="?"/>
      </authorization>
    </system.web>
  </location>
  <location path="Content">
    <system.web>
      <authorization>
        <allow users="?"/>
      </authorization>
    </system.web>
  </location>
  <location path="fonts">
    <system.web>
      <authorization>
        <allow users="?"/>
      </authorization>
    </system.web>

  </location>
  <location path="Scripts">
    <system.web>
      <authorization>
        <allow users="?"/>
      </authorization>
    </system.web>
  </location>

So when I tru to go to default or users page i'm gettting redirected automatically to login page. I really searched a lot to understand what i'm doing wrong but didn't find out so I'm adopting this solution for the moment.